After you updated secure network analytics
Cisco Secure Network Analytics Release Notes 7.4.2
| - 2 - |
| - 3 - |
Introduction
For the complete list, refer to the following table.
|
||
|---|---|---|
|
|
|
|
Cisco Secure Network Analytics Flow Sensor | |
|
||
|
||
|
||
| Cisco Secure Network Analytics UDP Director | ||
|
- 5 - | |
Introduction
Before you begin the update process, review the .
Software Version
l Update your appliance software versions incrementally: For example, if you have Secure Network Analytics v7.1.x, make sure you update each appliance from v7.1.x to v7.2.x., then update from v7.2.x to v7.3.2, etc. Each update guide is available on .
l Baselining: Before you start the update to v7.4.2, make sure your appliances have been running on the same version of v7.3.0, v7.3.1, v7.3.2, v7.4.0, or v7.4.1 for more than 1 month (30 days). If you've updated your system to more than one version in a short period of time, your system baselining may be impacted. For assistance, please contact Cisco Support.
Introduction
The M4 common update process applies to UCS C-Series M4 hardware, and the common update patch applies to M5 hardware, for the appliances shown in the following table.
|
M5 Hardware | |
|---|---|---|
| Manager 2210 | ||
| FC 4210 | ||
| __ | ||
| __ | ||
|
FC 5210 Engine | |
|
FC 5210 Database | |
| FS 1210 | ||
| __ | ||
| FS 3210 | ||
| FS 4210 | ||
|
UD 2210 | |
|
- 7 - | |
Certificate Check
Updating to v7.4.2 includes a certificate check to verify the Cisco Bundles common update will not cause issues with your environment. If you are using certificates, make sure the full chain of certificates (as separate files) is in the Central Management Trust Store. If only the end-entity certificate is present in the Trust Store, the upgrade will fail.
High Availability
If you have high availability configured on your UDP Directors and plan to update Secure Network Analytics to v7.4.2, be sure to make note of your high availability settings on your UDP Director before you begin the update. You will need to reconfigure high availability once the update is complete. For more information about updating Secure Network Analytics, refer to the .
To learn how to confirm the list of your installed apps and to see the latest Secure Network Analytics apps compatibility information, refer to the .
l Microsoft Edge: There may be a file size limitation with Microsoft Edge. We do not recommend using Microsoft Edge to upload the software update files (SWU).
l Shortcuts: If you use browser shortcuts to access the Appliance Admin interface for any of your Secure Network Analytics appliances, the shortcuts may not work after the update process is complete. In this case, delete the shortcuts and recreate them.
Virtual Appliances - Console (serial connection to console port)
To access an appliance through KVM, refer to Virtual Manager documentation; or to connect to an appliance through VMware, refer to the vCenter Server Appliance Management Interface documentation for vSphere.
Alternative Method
Use the following instructions to enable an alternative method to access your Secure Network Analytics appliances for any future service needs.
| - 9 - |
|---|
When SSH is enabled, the system’s risk of compromise increases. It is important to enable SSH only when you need it and then disable it when you've finished using it.
1. Log in to the Manager.
6. Select the Appliance tab.
7. Locate the SSH section.
Make sure to disable SSH when you have finished using it.
Data Store Private LAN Settings and Data Node Expansion
Data Node Patch SWU
In the update to 7.4.0, we required installing a patch SWU on each Data Node. The Data Node patch SWU is not required for updating Secure Network Analytics to v7.4.2.
These are the new features and improvements for the Secure Network Analytics v7.4.2 release.
Menu Structure
Some of the new menus also include categories, such as Configure > GLOBAL Central Management (where Global is the category), and we've listed them here.
|
Former Menu | New Menu | ||
|---|---|---|---|---|
|
|
|||
| Secure Cloud Analytics | Secure Cloud Analytics | |||
|
|
|||
|
|
|||
|
||||
| © 2023 Cisco Systems, Inc. and/or its affiliates. All rights reserved. | - 11 - | |||
|
Saved Searches | Analyze | Search |
|---|
Management
What's New
|
|||
|---|---|---|---|
|
Search
Management
| Job Management | Jobs | Search |
|---|
| Former Menu |
|
||
|---|---|---|---|
|
|||
|
|||
|
|||
|
|||
|
|||
| Cisco ISE Configuration |
|
|
|
|
|
||
| Secure Cloud Analytics | Secure Cloud Analytics | ||
|
|||
|
(Help) icon | ||
|
(Help) icon | ||
|
|||
| (Help) icon | |||
|
(User) icon | ||
|
|||
| (User) icon |
| Manager Configuration | (Global | |||
|---|---|---|---|---|
| Settings) icon | ||||
| © 2023 Cisco Systems, Inc. and/or its affiliates. All rights reserved. | - 14 - | |||
What's New
If you've previously set up email notifications through Response Management, you'll also receive email messages indicating that your appliance identity certificates will be expiring.
|
- 15 - |
|---|
When you install an appliance, generate an appliance identity certificate, or generate a client identity certificate, Secure Network Analytics generates the certificate with an RSA key.
In v7.4.2, you can replace the system certificates with custom certificates that use ECDSA keys generated with NIST P-256, P-384, or P-521 curves.
Do not uninstall your existing Report Builder app. If you uninstall Report Builder, all files associated with it, including your saved reports and temporary files, are deleted.
Follow the instructions in the . After you've updated Secure Network Analytics to v7.4.2, access ther dashboard as follows:
Before you run a report, select the Data Store domain or Non-Data Store domain that includes your data.
| - 16 - |
|---|
|
|---|
Server Identity Verification: Preparing for the Update (7.3.x to 7.4.2 only)
Audit Log Destination Requirements
Before the update, make sure your Audit Log Destination configuration meets both of the following requirements:
Configuration. Select the General tab and scroll to the Trust Store section. For more information, refer to the .
|
- 17 - |
|---|
l Add the SMTP server identity certificate to the Manager trust store.
To access the Manager trust store, log in to the Manager. Select Configure >
l It includes the pxGrid node name or identification information (such as FQDN) listed as a Common Name or Subject Alternative Name, or,
l It matches a certificate in your Manager trust store.
The release schedule for Secure Network Analytics apps is independent from the normal Secure Network Analytics upgrade process. Consequently, we can update Secure Network Analytics apps as needed without having to link them with a core Secure Network Analytics release.
|
- 18 - |
|---|
After you've upgraded to v7.4.2, do the following to access the apps:
1. From the main menu, select Configure > GLOBAL Central Management.
l Alerts and Observations now has SMC Failover support. Alerts and Observations data is processed and stored only on the Manager that is currently in the primary role. When you promote the original primary Manager back to the primary role, you will not be able to view any alerts and observations data that was processed on the original secondary Manager while it served in the primary role.
l When upgrading from v7.4.1 to v7.4.2, customer’s data does not persist.
o Repeated Umbrella Sinkhole Communications
l Added the following new observation:
| - 19 - |
|---|
l Added the following new system alarms:
o Analytics does not support more than 1 Data Store domain o Analytics Performance has degraded
o Analytics results are incompletel Device Report:
o Moved the alerts data from the Summary tab to the main page.
